Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/IoPi8vqHJVVUh24E3OVgf2iKnfc.roa
File: IoPi8vqHJVVUh24E3OVgf2iKnfc.roa (raw, json)
Hash identifier: 7y00phyafHTeh8zXy5GHwc1y56wFGzLxSEiqqkAJMJA=
Subject key identifier: 22:83:E2:F2:FA:87:25:55:54:87:6E:04:DC:E5:60:7F:68:8A:9D:F7
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 01893E3A3AAC1FBECAE319178AB621F4BCBA
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/IoPi8vqHJVVUh24E3OVgf2iKnfc.roa
Signing time: Mon 10 Jul 2023 05:15:50 +0000
ROA not before: Mon 10 Jul 2023 05:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 178.171.104.0/24 maxlen: 24
158.46.196.0/22 maxlen: 22
178.171.0.0/20 maxlen: 20
178.171.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:3a:3a:ac:1f:be:ca:e3:19:17:8a:b6:21:f4:bc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jul 10 05:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2283e2f2fa87255554876e04dce5607f688a9df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:af:81:03:1c:7e:3d:b8:83:d7:35:c8:5b:e9:
f3:6c:17:c1:76:4a:01:86:d7:fc:d5:14:a4:29:3a:
8f:d9:18:af:d4:93:05:ab:39:02:f3:3d:d8:04:aa:
ec:d0:7f:15:a9:ff:f9:7e:4e:13:03:fa:bb:65:72:
24:03:b6:16:5e:bb:c7:45:6b:41:99:e2:d7:af:0f:
4d:7f:aa:8b:51:11:4b:e9:d2:de:f7:83:71:a0:4f:
ca:dd:a4:f1:05:bc:bf:2d:68:e9:78:6c:38:43:37:
5d:ca:03:8f:e4:67:bb:0f:83:dd:5d:33:48:f7:1c:
4a:a3:7f:50:da:49:ab:0d:83:2c:33:26:a3:af:ee:
ba:73:33:f9:1c:66:16:38:81:d1:1e:76:e6:16:ab:
4e:37:ef:64:71:4f:e6:66:4f:25:6b:bf:bd:a3:3e:
75:75:fc:c9:d3:fc:75:92:1e:f5:a0:3f:97:b5:32:
e0:7b:5d:34:da:24:a2:95:a3:b7:2a:e7:49:96:8b:
d7:0a:24:91:37:b5:ed:e0:26:fc:2b:4e:2c:10:5f:
03:7c:08:bb:e3:cd:6d:16:36:ba:5e:10:07:bd:58:
c9:65:3b:aa:dd:79:ad:f8:0b:e7:f1:f1:ee:05:13:
ff:21:56:89:c9:ba:31:ce:f0:cb:e7:2c:61:eb:93:
e9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:83:E2:F2:FA:87:25:55:54:87:6E:04:DC:E5:60:7F:68:8A:9D:F7
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/IoPi8vqHJVVUh24E3OVgf2iKnfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.196.0/22
178.171.0.0/20
178.171.104.0/24
178.171.122.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a8:e5:d1:87:56:59:89:f2:26:ef:1b:d3:32:bf:11:26:25:
63:34:b7:82:e7:3f:c1:d5:9d:5f:31:f5:a4:e6:9c:f4:ce:66:
0d:6f:44:42:ae:c1:53:83:94:c0:61:47:0b:db:9b:d1:f3:ae:
3f:a1:59:35:d5:01:75:0f:7b:f1:5f:6d:8f:b7:86:5d:ed:8c:
ab:d8:b0:12:e0:e1:ab:65:f2:05:e0:bb:a2:19:0e:24:df:7d:
e4:68:36:ea:44:5d:fb:46:01:55:65:9e:b6:a4:b6:30:30:a3:
08:2b:23:10:7d:98:bb:4e:da:00:1d:15:ec:7f:5a:9a:e9:b9:
21:85:be:af:02:7a:d6:4f:d1:e1:4f:b0:85:cf:8d:b7:a7:ae:
88:0a:16:08:c0:2d:c2:cb:08:31:6f:75:65:f6:98:87:73:c8:
49:68:ae:23:6d:b4:9f:54:21:91:e4:2e:8d:34:9d:52:12:93:
24:48:e9:ee:5b:da:94:00:2e:94:73:ad:3f:88:b7:43:19:5d:
8b:5d:88:f8:a5:cb:2e:72:6a:bd:75:ab:6b:98:61:b9:fe:e0:
81:95:a5:a0:27:e7:b3:5b:14:32:81:0a:0b:10:bb:f5:7c:0f:
22:93:a4:a7:63:c9:e2:2b:31:fa:04:2e:e9:f8:60:d3:24:98:
72:33:9f:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYk+OjqsH77K4xkXirYh9Ly6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwNzEwMDUxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgzZTJmMmZhODcyNTU1NTQ4NzZlMDRkY2U1NjA3ZjY4OGE5ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6K+BAxx+PbiD1zXIW+nzbBfBdkoB
htf81RSkKTqP2Riv1JMFqzkC8z3YBKrs0H8Vqf/5fk4TA/q7ZXIkA7YWXrvHRWtB
meLXrw9Nf6qLURFL6dLe94NxoE/K3aTxBby/LWjpeGw4QzddygOP5Ge7D4PdXTNI
9xxKo39Q2kmrDYMsMyajr+66czP5HGYWOIHRHnbmFqtON+9kcU/mZk8la7+9oz51
dfzJ0/x1kh71oD+XtTLge1002iSilaO3KudJlovXCiSRN7Xt4Cb8K04sEF8DfAi7
481tFja6XhAHvVjJZTuq3Xmt+Avn8fHuBRP/IVaJyboxzvDL5yxh65PpuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCKD4vL6hyVVVIduBNzlYH9oip33MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvSW9QaTh2cUhKVlZVaDI0RTNPVmdmMmlLbmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCni7EAwQE
sqsAAwQAsqtoAwQAsqt6MA0GCSqGSIb3DQEBCwUAA4IBAQBlqOXRh1ZZifIm7xvT
Mr8RJiVjNLeC5z/B1Z1fMfWk5pz0zmYNb0RCrsFTg5TAYUcL25vR864/oVk11QF1
D3vxX22Pt4Zd7Yyr2LAS4OGrZfIF4LuiGQ4k333kaDbqRF37RgFVZZ62pLYwMKMI
KyMQfZi7TtoAHRXsf1qa6bkhhb6vAnrWT9HhT7CFz423p66IChYIwC3Cywgxb3Vl
9piHc8hJaK4jbbSfVCGR5C6NNJ1SEpMkSOnuW9qUAC6Uc60/iLdDGV2LXYj4pcsu
cmq9datrmGG5/uCBlaWgJ+ezWxQygQoLELv1fA8ik6SnY8niKzH6BC7p+GDTJJhy
M5/M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org